High severity7.9NVD Advisory· Published Aug 12, 2025· Updated Jun 17, 2026
CVE-2025-49707
CVE-2025-49707
Description
Improper access control in Azure Virtual Machines allows an authorized attacker to perform spoofing locally.
Affected products
12- Microsoft/DCadsv5-series Azure VMv5Range: -
- Microsoft/DCasv5-series Azure VMv5Range: -
- Microsoft/DCedsv5-series Azure VMv5Range: -
- Microsoft/DCesv5-series - Azure VMv5Range: -
- Microsoft/DCesv6-series Azure VMv5Range: -
- Microsoft/ECadsv5-series Azure VMv5Range: -
- Microsoft/ECasv5-series Azure VMv5Range: -
- Microsoft/ECedsv5-series Azure VMv5Range: -
- Microsoft/ECesv5-series Azure VMv5Range: -
- Microsoft/Ecesv6-series Azure VMv5Range: -
- Microsoft/NCCadsH100v5-series Azure VMv5Range: -
Patches
Vulnerability mechanics
References
1- msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49707nvdVendor Advisory
News mentions
0No linked articles in our index yet.